Breaking down
RTC security
A blog about vulnerabilities and attacks affecting VoIP and WebRTC applications and infrastructure by Enable Security.
Read our newsletter
June 2024: WebRTC security specs that need fixing and vulnerable VoIP firmware and WebEx
Published on Jun 28, 2024
Welcome to the June 2024 edition of the RTCSec newsletter, covering VoIP and WebRTC security news and related topics. In this edition, we cover: Our latest publication on our blog about WebRTC vulnerabilities Cisco WebEx’s seemingly obvious vulnerabilities and their effect on military and political entities Security fixes in Chrome, affecting WebRTC Vulnerabilities in Mitel phones, sngrep, and… iTunes? And more! The RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.…
Read more »May 2024: Presenting on DTLS WebRTC DoS and the latest VoIP vulnerabilities
Published on May 31, 2024
It is already the end of May, and we have a packed newsletter this month! In this edition, we cover: Our upcoming presentation about the DTLS ClientHello DoS vulnerability Vulnerabilities fixed in Asterisk, ALU and Cisco phones and more RCS phishing attempts and a Pre-War Reality Check and VoIP resilience New features from Kwanlabs SIP Open Relay tester A talk about STIR/SHAKEN privacy concerns Short news covering fax, physical access control vulnerabilities and honeypots The RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.…
Read more »
Sandro Gauci, Enable Security
TADSummit Innovators Podcast reviews the Last 6 Months of RTC Security Trends with Sandro Gauci
Published on Jul 26, 2024 in voip security, webrtc security
This week, I had the pleasure of joining Alan Quayle on the TADSummit Innovators Podcast to review the last six months of VoIP and WebRTC security news. We delved into some of the most intriguing trends emerging in the RTC security space. We covered the following RTC security trends for 2024 so far: Increasing focus on WebRTC vulnerabilities and security Growing concern over VoIP and conferencing platform security Emerging threats from AI and machine learning in audio manipulation Growing importance of resilience in communication systems SMS/Voice 2FA is hugely problematic Here are the top 10 insights that emerged from our discussion:…
Read more »Sandro Gauci, Enable Security
OpenSIPS Security Audit Report is fully disclosed and out there
Published on Mar 17, 2023 in sip security, sipvicious pro, sip security testing, security tools, opensips, kamailio, fuzzing, denial of service, research
It’s almost a year since the OpenSIPS project published a minimized version of our security audit report from 2022. Now, the full version has been published, with all the information intact on how to reproduce the vulnerabilities and extra details in an 80+ page report. The OpenSIPS security audit report can be found here. What is the OpenSIPS security audit? OpenSIPS is a SIP server that often has a critical security function within an IP communications system.…
Read more »
A Novel DoS Vulnerability affecting WebRTC Media Servers
Last updated on Jun 25, 2024 in denial of service, freeswitch, webrtc security, asterisk
Executive summary (TL;DR) A critical denial-of-service (DoS) vulnerability has been identified in media servers that process WebRTC’s DTLS-SRTP, specifically in their handling of ClientHello messages. This vulnerability arises from a race condition between ICE and DTLS traffic and can be exploited to disrupt media sessions, compromising the availability of real-time communication services. Mitigations include filtering packets based on ICE-validated IP and port combinations. The article also indicates safe testing methods and strategies for detecting the attack.…
Read more »Abusing SIP for Cross-Site Scripting? Most definitely!
Last updated on Jun 10, 2021 in sip security, voip security, application security
Executive summary (TL;DR) SIP can be used as an attack vector for AppSec vulnerabilities such as cross-site scripting (XSS), potentially leading to unauthenticated remote compromise of critical systems. VoIPmonitor GUI had one such vulnerability which highlights this attack vector exceptionally well. The following writeup explores how persistent backdoor administrative access can be obtained by sending malicious SIP messages. This vulnerability was reported by Enable Security and fixed in VoIPmonitor GUI back in February 2021, using standard cross-site scripting protection mechanisms.…
Read more »Attacking a real VoIP System with SIPVicious OSS
Last updated on Jun 8, 2020 in sipvicious oss, security tools, sip security
Recently, we put out a target server on the Internet at demo.sipvicious.pro which hosts a Kamailio Server handling SIP over UDP, TCP, TLS as well as WebSockets. Behind that, the observant reader will soon discover that an Asterisk server handles the voicemail and echo services. This is actually a fully functioning (real) VoIP system that’s ready to be attacked. Therefore, in combination, these software packages allow us to reproduce a number of common security vulnerabilities affecting VoIP and WebRTC systems.…
Read more »Sandro Gauci, Enable Security
Jitsi Meet on Docker default passwords - how bad is it, how to detect and fix it
Last updated on Apr 20, 2020 in xmpp security, jitsi meet, research, webrtc security, default passwords
Executive summary (TL;DR) Jitsi Meet on Docker contained default passwords for important users, which could be abused to run administrative XMPP commands, including shutting down the server, changing the administrative password and loading Prosody modules. We also provide instructions on how to check for this issue if you administer a Jitsi Meet server. Background story A few days ago we noticed a tweet by @joernchen mentioning something that sounded familiar, Jitsi.…
Read more »